﻿using System;
using System.Collections.Generic;
using System.Text;
using System.Data.SqlClient;
using System.Data;
using Entity;
using System.Security.Cryptography;

namespace DataAccess
{
    public class UsersDA
    {
        SqlDataAdapter da;
        private string Md5AddSecret(string strChange)
        {
            //Change the syllable into UTF8 code
            byte[] pass = Encoding.UTF8.GetBytes(strChange);
            MD5 md5 = new MD5CryptoServiceProvider();
            string strPassword = Encoding.UTF8.GetString(md5.ComputeHash(pass));
            return strPassword;
        }

        public bool ResetPassword(Users us)
        {
            using (SqlConnection connection = Database.GetConnection())
            {
                try
                {
                    String pass = Md5AddSecret("123456");
                    connection.Open();
                    SqlCommand command = new SqlCommand("resetPass", connection);
                    command.CommandType = CommandType.StoredProcedure;

                    command.Parameters.Add("@UserName", SqlDbType.VarChar);
                    command.Parameters["@UserName"].Value = us.UserName.ToString();

                    command.Parameters.Add("@Password", SqlDbType.VarChar);
                    command.Parameters["@Password"].Value = pass;

                    command.ExecuteNonQuery();
                    connection.Close();
                    return true;
                }
                catch (Exception e)
                {
                    connection.Close();
                    return false;
                }
            }
        }

        public DataSet getUser(int currPage, int recodperpage, int Pagesize)
        {
            using (SqlConnection connection = Database.GetConnection())
            {
                try
                {
                    connection.Open();
                    DataSet dt = null;
                    da = new SqlDataAdapter("spUser_PhanTrang", connection);
                    da.SelectCommand.CommandType = CommandType.StoredProcedure;
                    da.SelectCommand.Parameters.Add(new SqlParameter("@currPage", currPage));
                    da.SelectCommand.Parameters.Add(new SqlParameter("@recodperpage", recodperpage));
                    da.SelectCommand.Parameters.Add(new SqlParameter("@Pagesize", Pagesize));
                    dt = new DataSet();
                    da.Fill(dt);
                    connection.Close();
                    return dt;
                }
                catch (Exception e)
                {
                    connection.Close();
                    return null;
                }
            }
        }

        public bool CreateUser(Users us)
        {
            using (SqlConnection connection = Database.GetConnection())
            {
                try
                {
                    string pass=Md5AddSecret(us.Password.ToString());
                    connection.Open();
                    SqlCommand command = new SqlCommand("addUsers", connection);
                    command.CommandType = CommandType.StoredProcedure;

                    command.Parameters.Add("@UserName", SqlDbType.VarChar);
                    command.Parameters["@UserName"].Value = us.UserName.ToString();

                    command.Parameters.Add("@Password", SqlDbType.VarChar);
                    command.Parameters["@Password"].Value = pass;

                    command.Parameters.Add("@UserStatus", SqlDbType.Int);
                    command.Parameters["@UserStatus"].Value = us.UserStatus.ToString();

                    command.ExecuteNonQuery();
                    connection.Close();
                    return true;
                }
                catch (Exception e)
                {
                    connection.Close();
                    return false;
                }
            }
        }

        public Users getUserByName(string name)
        {
            using (SqlConnection connection = Database.GetConnection())
            {
                try
                {
                    connection.Open();
                    SqlCommand cmd = new SqlCommand("selectUserByName", connection);
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.Add(new SqlParameter("@UserName", name));
                    SqlDataReader dr = cmd.ExecuteReader();
                    Users us = null;
                    if (dr.Read())
                    {
                        String userName = dr["UserName"].ToString();
                        String password = dr["Passwords"].ToString();
                        int status = Int32.Parse(dr["UsersStatus"].ToString());
                        us = new Users(userName, password, status);
                    }
                    connection.Close();
                    return us;
                }
                catch (Exception e)
                {
                    connection.Close();
                    return null;
                }
            }
        }

        public bool UpdateUser(Users us)
        {
            using (SqlConnection connection = Database.GetConnection())
            {
                try
                {
                    connection.Open();
                    SqlCommand command = new SqlCommand("updateUsers", connection);
                    command.CommandType = CommandType.StoredProcedure;

                    command.Parameters.Add("@UserName", SqlDbType.VarChar);
                    command.Parameters["@UserName"].Value = us.UserName.ToString();

                    command.Parameters.Add("@Password", SqlDbType.VarChar);
                    command.Parameters["@Password"].Value = us.Password.ToString();

                    command.Parameters.Add("@UserStatus", SqlDbType.Int);
                    command.Parameters["@UserStatus"].Value = us.UserStatus.ToString();

                    command.ExecuteNonQuery();
                    connection.Close();
                    return true;
                }
                catch (Exception e)
                {
                    connection.Close();
                    return false;
                }
            }
        }

        public bool DeleteUser(Users us)
        {
            using (SqlConnection connection = Database.GetConnection())
            {
                try
                {
                    connection.Open();
                    SqlCommand command = new SqlCommand("removeUsers", connection);
                    command.CommandType = CommandType.StoredProcedure;
                    command.Parameters.Add(new SqlParameter("@UserName", us.UserName));
                    command.ExecuteNonQuery();
                    connection.Close();
                    return true;
                }
                catch (Exception e)
                {
                    connection.Close();
                    return false;
                }
            }
        }

    }
}
